9.3
CVE-2007-4963
- EPSS 1.99%
- Veröffentlicht 18.09.2007 22:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginVisual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a careful user into overwriting arbitrary files.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.99% | 0.78 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://securityreason.com/securityalert/3140
http://www.securityfocus.com/archive/1/479695/100/0/threaded
http://osvdb.org/45948
http://www.securityfocus.com/archive/1/479872/100/100/threaded